Introduction
How to add a command or binary to CageFS for all users
Procedure
Method #1 - For adding commands or binaries that are provided by an RPM package
- Login to the server as the root user via SSH or Terminal
- Use the cagefs command with the --addrpm option to add the desired RPM package.
cagefsctl --addrpm nmap
NOTE: The --delrpm option can be used to remove RPMs that you have added in this manner.
NOTE: In this example we are adding the nmap utility to CageFS for demonstration purposes. You probably do not want to make this specific utility available to users without fully understanding the potential consequences. - Update the cage with the new package with the following command to make it available to all users:
/usr/sbin/cagefsctl --force-update
Method #2 - For adding individual binaries manually with Filesystem Templates
- Login to the server as the root user via Terminal or SSH
- Create a new file with a name that makes sense for the binary that you are adding. For example:
touch /etc/cagefs/conf.d/myCustomBinary.cfg
NOTE: Do not edit existing files in the /etc/cagefs/conf.d directory. CloudLinux updates will remove changes to files provided by CloudLinux, so a new file is required for any customizations. - Open the file that you created with the text editor of your choice and add the following configuration. Be sure to update the specifics to match your own binary:
[my-custom-binary]
comment=This is a binary that is not typically found inside of CageFS.
paths=/bin/my-custom-binary, /usr/bin/another-custom-binary - Then update CageFS to include the changes:
cagefsctl --force-update